DSA-4521 docker.io - security update
https://www.debian.org/security/2019/dsa-4521
<p>Three security vulnerabilities have been discovered in the Docker
container runtime: Insecure loading of NSS libraries in <q>docker cp</q>
could result in execution of code with root privileges, sensitive data
could be logged in debug mode and there was a command injection
vulnerability in the <q>docker build</q> command.</p>
2019-09-09

DSA-4520 trafficserver - security update
https://www.debian.org/security/2019/dsa-4520
<p>Several vulnerabilities were discovered in the HTTP/2 code of Apache
Traffic Server, a reverse and forward proxy server, which could result
in denial of service.</p>
2019-09-09

DSA-4519 libreoffice - security update
https://www.debian.org/security/2019/dsa-4519
<p>It was discovered that the code fixes for LibreOffice to address
<a href="https://security-tracker.debian.org/tracker/CVE-2019-9852">CVE-2019-9852</a> were not complete. Additional information can be found at
<a href="https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/">https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/</a>.</p>
2019-09-08

DSA-4518 ghostscript - security update
https://www.debian.org/security/2019/dsa-4518
<p>It was discovered that various procedures in Ghostscript, the GPL
PostScript/PDF interpreter, do not properly restrict privileged calls,
which could result in bypass of file system restrictions of the dSAFER
sandbox.</p>
2019-09-07

DSA-4517 exim4 - security update
https://www.debian.org/security/2019/dsa-4517
<p>"Zerons" and Qualys discovered that a buffer overflow triggerable in the
TLS negotiation code of the Exim mail transport agent could result in the
execution of arbitrary code with root privileges.</p>
2019-09-06

DSA-4516 firefox-esr - security update
https://www.debian.org/security/2019/dsa-4516
<p>Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, cross-site scripting, bypass of the same-origin policy, sandbox
escape, information disclosure or denial of service.</p>
2019-09-05

DSA-4515 webkit2gtk - security update
https://www.debian.org/security/2019/dsa-4515
<p>Several vulnerabilities have been discovered in the webkit2gtk web
engine:</p>
2019-09-04

DSA-4514 varnish - security update
https://www.debian.org/security/2019/dsa-4514
<p>Alf-Andre Walla discovered a remotely triggerable assert in the Varnish
web accelerator; sending a malformed HTTP request could result in denial
of service.</p>
2019-09-04

DSA-4513 samba - security update
https://www.debian.org/security/2019/dsa-4513
<p>Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print,
and login server for Unix. Specific combinations of parameters and
permissions can allow a user to escape from the share path definition and
see the complete '/' filesystem. Unix permission checks in the kernel
are still enforced.</p>
2019-09-03

DSA-4512 qemu - security update
https://www.debian.org/security/2019/dsa-4512
<p>Multiple security issues were discovered in QEMU, a fast processor
emulator, which could result in denial of service, the execution of
arbitrary code or bypass of ACLs.</p>
2019-09-02

DSA-4511 nghttp2 - security update
https://www.debian.org/security/2019/dsa-4511
<p>Two vulnerabilities were discovered in the HTTP/2 code of the nghttp2
HTTP server, which could result in denial of service.</p>
2019-09-01

DSA-4510 dovecot - security update
https://www.debian.org/security/2019/dsa-4510
<p>Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve
protocol parsers in the Dovecot email server do not properly validate
input (both pre- and post-login). A remote attacker can take advantage
of this flaw to trigger out of bounds heap memory writes, leading to
information leaks or potentially the execution of arbitrary code.</p>
2019-08-28

DSA-4509 apache2 - security update
https://www.debian.org/security/2019/dsa-4509
<p>Several vulnerabilities have been found in the Apache HTTPD server.</p>
2019-08-26

DSA-4508 h2o - security update
https://www.debian.org/security/2019/dsa-4508
<p>Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP
server, which could result in denial of service.</p>
2019-08-24

DSA-4507 squid - security update
https://www.debian.org/security/2019/dsa-4507
<p>Several vulnerabilities were discovered in Squid, a fully featured web
proxy cache. The flaws in the HTTP Digest Authentication processing, the
HTTP Basic Authentication processing and in the cachemgr.cgi allowed
remote attackers to perform denial of service and cross-site scripting
attacks, and potentially the execution of arbitrary code.</p>
2019-08-24

DSA-4506 qemu - security update
https://www.debian.org/security/2019/dsa-4506
<p>Multiple security issues were discovered in QEMU, a fast processor
emulator, which could result in denial of service, the execution of
arbitrary code or bypass of ACLs.</p>
2019-08-24

DSA-4505 nginx - security update
https://www.debian.org/security/2019/dsa-4505
<p>Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a
high-performance web and reverse proxy server, which could result in
denial of service.</p>
2019-08-22

DSA-4504 vlc - security update
https://www.debian.org/security/2019/dsa-4504
<p>Multiple security issues were discovered in the VLC media player, which
could result in the execution of arbitrary code or denial of service if
a malformed file/stream is processed.</p>
2019-08-20

DSA-4503 golang-1.11 - security update
https://www.debian.org/security/2019/dsa-4503
<p>Three vulnerabilities have been discovered in the Go programming language;
"net/url" accepted some invalid hosts in URLs which could result in
authorisation bypass in some applications and the HTTP/2 implementation
was susceptible to denial of service.</p>
2019-08-18

DSA-4502 ffmpeg - security update
https://www.debian.org/security/2019/dsa-4502
<p>Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.</p>
2019-08-16

DSA-4501 libreoffice - security update
https://www.debian.org/security/2019/dsa-4501
<p>It was discovered that the code fixes to address
<a href="https://security-tracker.debian.org/tracker/CVE-2018-16858">CVE-2018-16858</a> and
<a href="https://security-tracker.debian.org/tracker/CVE-2019-9848">CVE-2019-9848</a> were not complete.</p>
2019-08-15

DSA-4497 linux - security update
https://www.debian.org/security/2019/dsa-4497
<p>Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.</p>
2019-08-13